# #Step to reproduce.Step1:Login in to Open-AuditStep2:Go to Attributes pageStep3:Select any attribute which are listedStep4:click on details tab.Step5:In the Name field put the following payload and click submit.

<p>Sorry! We have moved! The new URL is: <a href="http://geektyper.com/">Open-Audit</a></p>

Step6:Go to export tab and export using HTML TableStep7:When user open download attribute.html file.You will see redirectionhyperlink.Step8:When user click on link ,User will be redirected to Attacker ormalicious website.

# #Step to reproduce.Step1:Login in to Open-AuditStep2:Go to Attributes pageStep3:Select any attribute which are listedStep4:click on details tab.Step5:In the Name field put the following payload and click submit.

Apache OpenWhisk is prone to a remote code-execution vulnerability.An attacker may exploit this issue to inject and execute arbitrary code within the context of the affected application; this may aid in further attacks.Versions prior to Apache OpenWhisk 1.3.1 are vulnerable.